Allow OPTIONS requests when CORS is enabled

This commit is contained in:
Robin Ward 2015-05-14 11:14:29 -04:00
parent 0b62730382
commit 963b08f063
1 changed files with 11 additions and 1 deletions

View File

@ -8,7 +8,17 @@ if GlobalSetting.enable_cors
end
def call(env)
if env['REQUEST_METHOD'] == 'OPTIONS' and env['HTTP_ACCESS_CONTROL_REQUEST_METHOD']
return [200, apply_headers(env), []]
end
status, headers, body = @app.call(env)
[status, apply_headers(env, headers), body]
end
def apply_headers(env, headers=nil)
headers ||= {}
origin = nil
cors_origins = @global_origins || []
cors_origins += SiteSetting.cors_origins.split('|') if SiteSetting.cors_origins
@ -22,7 +32,7 @@ if GlobalSetting.enable_cors
headers['Access-Control-Allow-Credentials'] = "true"
end
[status,headers,body]
headers
end
end